JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 132.196.82.2

132.196.82.2 was found in our database!

This IP was reported 186 times. Confidence of Abuse is 53%: ?

53%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 132.196.82.2

Whois 132.196.82.2

IP Abuse Reports for 132.196.82.2:

This IP address has been reported a total of 186 times from 143 distinct sources. 132.196.82.2 was first reported on August 10th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇴 adalbertoreyes.org	2026-06-02 17:20:51 (1 week ago)	CategoryPortScan	Port Scan
🇺🇸 TPI-Abuse	2026-06-02 09:37:44 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 132.196.82.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 132.196.82.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 05:37:39.435250 2026] [security2:error] [pid 12463:tid 12463] [client 132.196.82.2:15507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.94"] [uri "/.env"] [unique_id "ah6kY24DEMrd4xeVaBKNdgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇭 Sawasdee	2026-06-02 09:06:09 (1 week ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇺🇸 MPL	2026-06-02 08:44:00 (1 week ago)	tcp port scan (6 or more attempts)	Port Scan
🇨🇿 sajmon0011	2026-06-02 08:22:21 (1 week ago)	132.196.82.2 - - [02/Jun/2026:10:22:21 +0200] "GET /.env.production HTTP/1.1" 404 196 "-" "Mozilla/5 ... show more 132.196.82.2 - - [02/Jun/2026:10:22:21 +0200] "GET /.env.production HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" ... show less	Web App Attack
🇳🇱 wlt-blocker	2026-06-02 07:55:27 (1 week ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 RAP	2026-06-02 07:18:05 (1 week ago)	2026-06-02 07:18:05 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 05:39:13 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 132.196.82.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 132.196.82.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 01:39:09.226258 2026] [security2:error] [pid 1675:tid 1675] [client 132.196.82.2:15881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.13"] [uri "/.git/HEAD"] [unique_id "ah5sfdhrA9OWb4s7WcLLuwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 donarev419	2026-06-02 05:12:17 (1 week ago)	Port scan detected on port 2083 (connection without data transfer)	Port Scan
🇺🇸 TPI-Abuse	2026-06-02 04:29:47 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 132.196.82.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 132.196.82.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 00:29:40.649171 2026] [security2:error] [pid 9846:tid 9846] [client 132.196.82.2:15559] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.107"] [uri "/.git/HEAD"] [unique_id "ah5cNLQIv2g6_nbcDFJxRAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RAP	2026-05-31 20:00:15 (1 week ago)	2026-05-31 20:00:15 UTC Unauthorized activity to TCP port 9200.	Port Scan
🇯🇵 demonsword	2026-05-12 03:38:28 (4 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: icanhazip.com:443 show less	Open Proxy Port Scan
🇫🇷 gooko	2026-05-11 13:53:29 (4 weeks ago)	SSH brute-force attack detected by fail2ban jail 'sshd'	Brute-Force SSH
🇺🇸 [email protected]	2026-03-26 18:00:42 (2 months ago)	RdpGuard detected brute-force attempt on RDP	Brute-Force
🇹🇷 0xi	2026-03-13 08:45:36 (2 months ago)	SSH brute-force attack detected (52 attempts). Targeted ports: 22. Triggered sensors: P0f, Cowrie, S ... show more SSH brute-force attack detected (52 attempts). Targeted ports: 22. Triggered sensors: P0f, Cowrie, Suricata, Fatt. Post-exploitation commands were executed. Observed via distributed honeypot network. show less	Brute-Force SSH

Showing 1 to 15 of 186 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 38.55.111.75

🇺🇿 194.107.115.199

🇬🇧 193.163.125.103

🇺🇸 193.3.53.4

🇨🇳 183.198.241.208

🇮🇳 119.18.55.118

🇮🇳 103.248.120.6

🇸🇪 79.76.58.113

🇳🇱 77.83.39.94

🇺🇸 34.174.64.99

🇺🇸 34.125.31.131

🇺🇸 20.46.235.137

🇪🇹 196.189.51.246

🇲🇴 182.93.50.90

🇺🇸 147.185.132.203

🇹🇭 147.50.227.79

🇨🇳 125.112.235.249

🇺🇸 52.165.80.210

🇳🇱 45.156.87.127

🇩🇪 213.209.159.56